Export limit exceeded: 10513 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10513 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67592 | 2 Joedolson, Wordpress | 2 My-calendar, Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Joe Dolson My Calendar my-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Calendar: from n/a through <= 3.6.16. | ||||
| CVE-2025-49319 | 2 Wordpress, Wpfactory | 2 Wordpress, Wishlist For Woocommerce | 2026-04-15 | N/A |
| Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wishlist for WooCommerce: from n/a through <= 3.2.3. | ||||
| CVE-2023-36680 | 2026-04-15 | 5.4 Medium | ||
| Missing Authorization vulnerability in Iulia Cazan Image Regenerate & Select Crop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Regenerate & Select Crop: from n/a through 7.1.0. | ||||
| CVE-2023-36683 | 2026-04-15 | 6.5 Medium | ||
| Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through 2.7.8. | ||||
| CVE-2023-36694 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 6.3 Medium |
| Missing Authorization vulnerability in Bryan Lee Kingkong Board.This issue affects Kingkong Board: from n/a through 2.1.0.2. | ||||
| CVE-2025-53452 | 2 Barry, Wordpress | 2 Event Rocket, Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Barry Event Rocket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Event Rocket: from n/a through 3.3. | ||||
| CVE-2025-4047 | 1 Wpmudev | 1 Broken Link Checker | 2026-04-15 | 4.3 Medium |
| The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view the plugin's status. | ||||
| CVE-2024-2292 | 2026-04-15 | N/A | ||
| Due to a lack of access control, unauthorized users are able to view and modify information pertaining to other users. | ||||
| CVE-2021-26387 | 2026-04-15 | 3.9 Low | ||
| Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity. | ||||
| CVE-2025-66136 | 2 Merkulove, Wordpress | 2 Carter For Elementor, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in merkulove Carter for Elementor carter-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carter for Elementor: from n/a through <= 1.0.2. | ||||
| CVE-2025-66141 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in merkulove Scroller scroller allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scroller: from n/a through <= 2.0.2. | ||||
| CVE-2024-34763 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Saleswonder Team: Tobias Builder for WooCommerce reviews shortcodes – ReviewShort woo-product-reviews-shortcode.This issue affects Builder for WooCommerce reviews shortcodes – ReviewShort: from n/a through <= 1.01.5. | ||||
| CVE-2025-66143 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in merkulove Crumber crumber-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crumber: from n/a through <= 1.0.10. | ||||
| CVE-2025-66144 | 2 Merkulove, Wordpress | 2 Worker For Elementor, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in merkulove Worker for Elementor worker-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for Elementor: from n/a through <= 1.0.10. | ||||
| CVE-2024-34438 | 2 Anssi Laitila, Wordpress | 2 Shared Files, Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through <= 1.7.19. | ||||
| CVE-2024-32832 | 2 Hamid-alinia-idehweb, Wordpress | 2 Login With Phone Number, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through <= 1.6.93. | ||||
| CVE-2025-66145 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in merkulove Worker for WPBakery worker-wpbakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for WPBakery: from n/a through <= 1.1.1. | ||||
| CVE-2024-32679 | 1 Tammersoft | 1 Shared Files | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through <= 1.7.16. | ||||
| CVE-2024-11355 | 2026-04-15 | 4.3 Medium | ||
| The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_setting() function in all versions up to, and including, 3.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view settings for playlists. | ||||
| CVE-2024-43229 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Cornel Raiu WP Search Analytics search-analytics.This issue affects WP Search Analytics: from n/a through <= 1.4.9. | ||||